2024 was a year of strengthening: our first-ever annual report, a formalised governance structure recognising the Corporation and Foundation as independent, co-equal organisations, and the first update to our support contract structure since 2019.
For the past five years, we have delivered commercial support services, ensuring that businesses and organisations can securely use the OpenSSL Library. The income from commercial support funds the majority of ongoing development — and ensures that what we produce continues to evolve to meet modern security demands.
We have also financially supported the OpenSSL Foundation, allowing it to focus on its non-commercial activities and to grow into the organisation it is today. From OpenSSL 3.0 to 3.5, funding of the OpenSSL Project was almost exclusively the responsibility of the Corporation as income from donations to the Foundation dwindled; improved income has now let us expand that support.
We introduced new communication channels, including the Advisory Committees, to engage more deeply with those who rely on the projects under the OpenSSL Mission. I have been pleasantly surprised by the speed at which our communities have shown their enthusiasm in connecting with us and providing feedback.
We are just getting started. Our commitment remains unchanged: upholding our Mission to provide security and privacy tools for all.
After adopting our Mission and Values and recognising the varying needs of commercial and non-commercial communities, we formalised the governance structure of the two organisations.
The key change, on March 1, 2024, was officially recognising the OpenSSL Corporation and the OpenSSL Foundation as independent, co-equal organisations with distinct focuses — the Corporation on commercial communities and activities, the Foundation on non-commercial ones.
As part of this restructuring, the OpenSSL Management Committee (OMC) was dissolved effective March 1, 2024, and the OpenSSL Technical Committee (OTC) was scheduled for dissolution in April 2025.
To ensure strong governance, we expanded the voting membership to 10 individuals with long-term involvement in the OpenSSL Library, responsible for electing the Board of Directors.
FY2024 was marked by financial stability, a new support contract structure, and infrastructure investment. For the first time since 2019, we updated our support contract structure and pricing.
Our customer base crossed the 100-customer milestone during FY24, with a renewal rate of 88% reflecting the strong value clients place on our services. Customers span top-tier enterprises, many generating billions in revenue.
The OpenSSL Library saw major advancements in 2024, with a transition to a time-based release model — demonstrating our ability to deliver predictable, on-time releases.
In September 2024, the OpenSSL Corporation announced a strategic partnership with Lightship Security, a leading cryptographic security test lab and an Applus+ Laboratories company.
This collaboration establishes Lightship Security as the primary laboratory for FIPS 140-3 validations of the OpenSSL cryptographic library, ensuring a streamlined certification process. Beyond validations, Lightship also assists Corporation clients with rebrand certifications — simplifying compliance for vendors in regulated industries such as healthcare, finance, and ICT.
The complete Annual Report 2024 covers governance, finance, engineering, customers, and community in full detail.
